Menu
Apache Cordova fixes flaw that could cause apps to crash

Apache Cordova fixes flaw that could cause apps to crash

It could also cause unwanted dialog boxes to appear

A flaw has been patched in Apache Cordova, a set of widely used APIs, that could cause Android apps to crash or unwanted dialog boxes displayed.

A flaw has been patched in Apache Cordova, a set of widely used APIs, that could cause Android apps to crash or unwanted dialog boxes displayed.

A fix has been released for a vulnerability in a widely used piece of code in Android devices, which could cause apps to crash or display unwanted dialog boxes.

The flaw lies in Apache Cordova, which is a set of APIs (application programming interfaces) that let developers access functions such as a camera or accelerometer using JavaScript, according to its website.

Trend Micro, which found the problem, wrote that 5.6 percent of apps in Google's Play store use Cordova and are vulnerable. iOS is not affected.

Apps using Cordova that "don't have explicit values set in Config.xml can have undefined configuration variables set by Intent," according to a description of the flaw on the Cordova website.

"This can cause unwanted dialogs appearing in applications and changes in the application behavior that can include the app force-closing," wrote Joe Bowser, a senior computer scientist at Adobe Systems, who works on Cordova for Android.

Seven Shen, a mobile threats analyst with Trend Micro who found the problem, wrote the flaw could be exploited by getting a person to click a URL.

Apps that use version 4.0.x or higher should move to 4.0.2 of Cordova. Another version of Cordova 3.7.2 has been released with a patch for apps that are on older versions of the code.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitytrend microExploits / vulnerabilitiesApache Cordova

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments